Google to encrypt cloud storage

rysiek rysiek at hackerspace.pl
Tue Aug 20 05:52:25 PDT 2013 

Dnia wtorek, 20 sierpnia 2013 14:30:52 Moon Jones pisze:
> On 18.08.2013 23:55, rysiek wrote:
> > PRISM caused a ot of fear but now we can finally feel safe again --
> > Google will encrypt all Google Drive storage with user-supplied keys:
> > http://it.slashdot.org/story/13/08/16/239253/
> 
> I know slashdot does not generate articles. It only links to articles,
> sometimes in a VERY misleading paragraph, than leaves some uninformed
> geeks debate about the misleading text.
> 
> The article you most probably missed is some other place[1]
> 
> And the text supports that first paragraph of yours. But nothing of the
> rest of your text.

Humm, true. Not Google Drive, but Google Cloud Storage. My bad.

> > So our data will be perfectly safe with them, right? Right?.. ;)
> > 
> > Seriously, though, this is very, very bad for us. Normals will point
> > to that and say "hey, Google does the Right Thing and we can be safe
> > there, so we should all use Google now. They have encryption and
> > stuff."
> 
> Could you expand on «this is very, very bad for us»?

Well, if it's the developer-oriented GCS, not Google Drive, it's just a bit 
less bad for us.

Thing is, this encryption scheme (in which, from what I read, Google has 
access to "master keys" and has the technical ability to decrypt data once 
it's subpoenad) brings no additional safety to users. It sounds great ("we 
support encryption! and we're doing it with several keys! that has to be safe, 
eh?"), but it does effectively nothing to actually protect users and their 
data from PRISM and similar programmes.

And that means it will be this harder for us to explain why this is a bad 
scheme ("wait, you're saying encryption is evil? now I am confused!") and why 
people should use other methods of protecting their privacy and their data.

-- 
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20130820/89e0ddc4/attachment-0002.sig>

More information about the cypherpunks mailing list